News
Command-Jacking Used to Launch Malicious Code on Open-Source Platforms
Oct 14, 2024 | Attackers are exploiting entry points in open-source environments like PyPI and npm through command-jacking, a technique that impersonates system commands to inject malicious code. Experts emphasize the need for audits, strict dependency management, and package signing to secure developer workflows and prevent supply chain attacks.
Iranian "Dream Job" Campaign Targets Aerospace Sector
Nov 15, 2024 | Iranian threat group TA455 is using fake job offers to infiltrate the aerospace industry, according to ClearSky Cyber Security.
Zero-Day Exploits Surge in 2023: Cisco and Fortinet Under Fire
Nov 15, 2024 | In 2023, attackers increasingly targeted zero-day vulnerabilities, leveraging flaws in Citrix, Cisco, and Fortinet products to breach enterpris